Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

"Cannot update DV when using a generated SSL key" appears when downloading an update

    • Updated:
    • 27 Mar 2019
    • Product/Version:
    • TippingPoint SMS All.All
    • Platform:
    • N/A N/A
Summary

Customer may not be able to add IPS to SMS, and unable to deploy Digital Vaccine. When trying to download the update, the following error shows:

Cannot update DV when using a generated SSL key. To resolve,
install a new SSL key or set FIPS mode to crypto or disable.

SSL key error

Details
Public

If the SSL cert on the SMS, for example, is expired or not valid, the device would not allow to communicate with the SMS because they treat it as untrusted device. This can also be an issue when trying to add a device that is either under control of another SMS or does not trust this cert. There is a cert on the SMS in the "background", which won't be shown in the UI. This is a normal behavior.

If the SMS can successfully control other devices, there is a corruption of the cert/SSL on the side of the IPS.

To address this issue:

  1. Log in to the device's CLI via SSH as superuser.
  2. Make sure the device is not in SMS control using the command below.
    It should give you a single line with either "Error, SMS is controlling the device" - or "" as output.

    # fips reload-ssl

  3. Generate a new key using the following command:

    # fips restore-ssl

Premium
Internal
Rating:
Category:
Troubleshoot
Solution Id:
1122194
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.